Sony Brings the Bling with Swarovski Photoframe

Microsoft Offers $250,000 Worm Bounty

Microsoft Offers $250,000 Worm Bounty

Microsoft is offering a $250,000 reward for the information that leads to the arrest and conviction of the creator(s) of the infamous Conficker/Downadup worm.

Microsoft has partnered with a broad range of computer several security and Internet governance organizations to offer a $250,000 bounty for information that leads to the arrest and conviction of the creator(s) of the Conficker/Downadup worm. The reward is available to residents of any country—at least so far as countries laws permit; Microsoft’s partners in the effort include ICANN, DNS developers, and leading computer security firms. Microsoft is categorizing the Conficker worm as a criminal attack, and sees the $250,000 bounty as a way to put more pressure on online fraudsters and cybercriminals.

“As part of Microsoft’s ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers,” said the general manager of Microsoft’s Trustworthy Computing Group, George Stathakopoulos, in a statement. “By combining our expertise with that of the broader community we can expand the boundaries of defense to better protect people worldwide.”

The Conficker/Downadup worm first appeared in October 2008 and spreads using a known buffer overflow vulnerability in Windows. Once executed, the worm disables Windows Update and security utilities, and attaches itself to common processes like Internet Explorer and svchost.exe. Once running, the worm contacts a master server for additional payloads, which can include additional malware; part of Conficker’s insidiousness is that it “phones home” to a list of 250 different domains every day, making it difficult for security firms to locate and pre-empt the master server controlling compromised machines. While the worm’s domain selection process has been cracked and patches and utilities are available to keep it from successfully downloading additional payloads, the worm has still infected an estimated 9 million computers.

ICANN, Neustar, VeriSign, CNNIC, Afilias, Public Internet Registry, Global Domains International, M1D Global, AOL, Symantec, F-Secure, ISC, researchers from Georgia Tech, Shadowserver Foundation, Arbor Networks, and Support Intelligence have partnered with Microsoft on the bounty program.

Microsoft has posted a security bulletin detailing how to disable and remove the worm from infected systems.

Related Posts

Trackback URL: http://www.digitaltrends.com/computing/microsoft-offers-250000-worm-bounty/trackback/

blog comments powered by Disqus

Join The Digital Trends Community

DT RSS Feed

Everyone wants to be an insider, and you can be one too! Choose your poison: sign-up for our Newsletter, join us on Facebook, or follow us on Twitter. Do all three and you'll be swimming in the the latest news, reviews, videos and more gadget goodness!

DT Newsletter Sign-Up

Sign-up for the Digital Trends newsletter and find out about the latest contests, the hottest content, and the most popular videos. Let us keep you up-to-date!

Our Facebook

Become a DT soldier! Join us on Facebook and share the best news, guides, videos and other cool information directly with all your friends. Some might even thank you for it!

Join the thousands and follow the best of us on Facebook.

Twitter Us

Do you like information in small snippets? Then our Twitter feed is just for you. Follow Digital Trends and you'll be able to catch up daily on our latest content, or even interact directly with our team. Tweet Tweet!

Join the thousands and follow the best of us on Twitter.

That’s Right, Sign-up For Our Monthly Random Prize Drawings and You Could Be That Winner.